posts - 80 , comments - 116 , trackbacks - 2

My Links

News


MJ Ferdous

Ferdous has industry level experience with SharePoint and has done several presentations and workshops on SharePoint. He also worked as SharePoint Consultant (CREDEM Italy, Robi etc) and Trainer (BASIS, JAXARA IT, LEADS Co.). He is currently working as SharePoint Architect at BrainStation-23. He also worked as Technical Project Manager for Congral LLC for managing revolutionizing Patient Centric Healthcare applications at the same company since 2009.

Before joining here, he worked for OT Group SPA and for Rockwell Automation in Italy. He is the author of several technical articles with over 49 articles published on http://mrbool.com where he is the Technical Author for the site and author of mssharepointtips.com as well. He is also founder of SharePoint Expert group. Looking for a Offshore Development or partnership.............. in any development in Dot.Net & SharePoint Platform.

invisible hit counter View My Stats

Tag Cloud

Article Categories

Archives

Post Categories

Image Galleries

Blogs [MVP]

My Articles

My Others Link

Public Speaking

Authentication Error with SharePoint Application which uses Host Header on the Server firm

This is known issue with SharePoint 2007 or SharePoint 2010 on Windows Server 2008 platform and not specific to any sharepoint application.

Problem: Your windows credential doesn’t work if you try to log in to the web application (http://contosto.company.com) on the server itself although you can access the same site from outside, when you create a SharePoint web application with a host header (contosto.company.com) on SharePoint Server (Server Name: contosto) which is installed on Windows Server 2008. This problem is happening with the recent patches.

image

If you check the event viewer logs on “Security” category, you will see something like the one below under Audit Failure Keyword

image

The main reason for this issue is Windows includes a loopback check security feature that helps prevent reflection attacks on your computer. Therefore, authentication fails if the FQDN or the custom host header that you use does not match the local computer name as the system blocks the authentication procedure while resolving the host header given to the web application.

To resolve this issue, a modification must be done to the server's registry to specify the host name. To specify the host names that are mapped to the loopback address and that can connect to Web sites on your computer, follow these steps:

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  3. Right-click MSV1_0, point to New, and then click Multi-String Value.
  4. Type BackConnectionHostNames, and then press ENTER.
  5. Right-click BackConnectionHostNames, and then click Modify.
  6. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
  7. Exit Registry Editor, and then restart the computer.

image

The name placeholder is considered a host header. It is an alternative name for the computer on which Reporting Services is installed. You must add the NetBIOS and the Fully Qualified Domain Name (FQDN) for name to the BackConnectionHostNames list that is stored in the Windows registry.
For example, if name is a Windows computer name, such as contoso, the name can likely also be referenced in FQDN form as contoso.domain.com. You must add both representations to the list in BackConnectionHostNames.

So, The above registry modification must be done for all other SharePoint applications which are using Host Header.

Reference:

 You receive an error message when you use SQL Server 2008 Reporting Services: "HTTP 401.1 - Unauthorized: Logon Failed"

Print | posted on Thursday, January 6, 2011 1:13 AM | Filed Under [ Sharepoint 2007 Microsoft Office SharePoint Server 2007 SharePoint 2010 ]

Feedback

Gravatar

# re: Authentication Error with SharePoint Application which uses Host Header on the Server firm

AWESOME! Thank you!
Works with site01.localhost, site02.localhost, etc!
10/31/2013 3:18 AM | Stephen Soran
Gravatar

# re: Authentication Error with SharePoint Application which uses Host Header on the Server firm

Thanks it's working fine,nice job
4/5/2014 1:28 PM | vignesh
Post A Comment
Title:
Name:
Email:
Comment:
Verification:
 
 

Powered by: